Options
GWAPT - Worried about the content
Hi Everyone,
I'm sitting here in the SEC542 course right now and I'm on day 4.
I was always told that the course books were all you need in order to take the exams and pass them, however, it seems like this course's books are fairly short in the amount of information within the text under the slides.
I'm comparing this to the SEC504 I took in September last year.
For those of you who took this, what should I do? Should I focus on the material in the books, make my index, and just hammer away in the workbook labs and just understand how each of the labs are working?
In particular, I'm very worried about AJAX and some of the SQL (SQL not as much as AJAX, but I'm COMPLETELY lost on AJAX)
Should I grab another book? I know I can and should look at w3schools for things I don't understand, and I will.
I'm sitting here in the SEC542 course right now and I'm on day 4.
I was always told that the course books were all you need in order to take the exams and pass them, however, it seems like this course's books are fairly short in the amount of information within the text under the slides.
I'm comparing this to the SEC504 I took in September last year.
For those of you who took this, what should I do? Should I focus on the material in the books, make my index, and just hammer away in the workbook labs and just understand how each of the labs are working?
In particular, I'm very worried about AJAX and some of the SQL (SQL not as much as AJAX, but I'm COMPLETELY lost on AJAX)
Should I grab another book? I know I can and should look at w3schools for things I don't understand, and I will.
Comments
-
Options
iBrokeIT
Member Posts: 1,318 ■■■■■■■■■□
You can relax, I just took GWAPT earlier this week and found it to be on par with the GCIH. A good, thorough index will get you through this exam.
I actually took the SEC542 class back at Sec West 2018 in May, put it off until three weeks ago, crammed and created my index in 2.5 weeks, and passed with an 87%.
I would recommend that you create you index and then take your first practice exam to get a feel for it before you start looking into supplemental material. The labs can be helpful if you are having difficultly grasping a subject and you are more of a hands on learner.2019: GPEN | GCFE | GXPN | GICSP | CySA+
2020: GCIP | GCIA
2021: GRID | GDSA | Pentest+
2022: GMON | GDAT
2023: GREM | GSE | GCFA
WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops | SANS Grad Cert: Incident Response -
Options
TechGuru80
Member Posts: 1,539 ■■■■■■□□□□
The exam is only 75 questions so the books don’t have to be as long as GCIH. Understand the labs, techniques, and tools...you should be fine. -
Options
LionelTeo Member Posts: 526 ■■■■■■■□□□
[HTML][/HTML]Hi Everyone,
I'm sitting here in the SEC542 course right now and I'm on day 4.
I was always told that the course books were all you need in order to take the exams and pass them, however, it seems like this course's books are fairly short in the amount of information within the text under the slides.
I'm comparing this to the SEC504 I took in September last year.
For those of you who took this, what should I do? Should I focus on the material in the books, make my index, and just hammer away in the workbook labs and just understand how each of the labs are working?
In particular, I'm very worried about AJAX and some of the SQL (SQL not as much as AJAX, but I'm COMPLETELY lost on AJAX)
Should I grab another book? I know I can and should look at w3schools for things I don't understand, and I will.
It is totally okay to go with the course material alone but also lookout to enrich your knowledge especially on your weak area.
Here is my take on outside resources since I had used the Web Application Hacker Handbook without the actual course materials for the exam and pass it. Although WAHH is one of the best books for learning web application attacks, there content in the book and the course itself is vastly different. While the same concept revolves around the same theory, their application can differ. One example that I can vaguely remember is the WAHH speak about using time delay for fingerprinting while SANS actually uses the same technique for something else. Eventually, I realize it is all about understanding the technique and knowing the application!